I doubt, CCP will do this for everyone, so the concept behind this should be something else, which I am still missing, which for sure is my fault. I will completely redo the code and post again if it fails.

Inbetween, if there is someone who REALLY knows, I’ll pay 250M ISK for a working, commented and readable solution, just login using EVE SSO, get a token, get a character ID and retrieve something from the character.

Ok, after reading everything, I do not think this works correctly. So if there is anyone who actally managed to get a character ID within a browser session (not only a token token is easy using implicit) please let me know.

And it would be nice if CCP would get someone in just to make it clear. Is the Allow-Access-Origins header set or not?

I am still offering 250M ISK for a working solution using a webpage and js.

it finally works, but I think for no reason. I did a GET request using $,ajax, while you are doing a $.jsonGET, which in my opinion in this case are the same. Doing getJSON worked for me, so I will not bother finding out the difference

I sent you 250 M ISK (Proof: https://i.imgur.com/HxDdBRJ.png) , as you provided a working solution and I am keeping my promise. Thanks again and you have my next CSM vote again!